During Q4 we focused a lot on bug fixes and some quality of life enhancements. Here's the breakdown of what we've changed in Q4. 

ADDED

• Enhanced App Visibility on Environment Services: Updated the Cloud Services console to display client extensions under the appropriate service groups on the Services Page, improving resource management and visibility. This update ensures that client extensions are easily identifiable and manageable.
  
• GKE API Cluster Discovery Integration: Enhanced connectivity in Google Kubernetes Engine by integrating API cluster discovery features, simplifying the management and scaling of clusters within GKE environments.
• Syncing Sidecar for GCS Migration: Implemented a syncing sidecar alongside each Liferay instance to facilitate the seamless migration of Document Library content to Google Cloud Storage, optimizing storage solutions and data management practices.
• Optimized Storage Utilization for GCS: Modified Liferay configurations to avoid mounting a PVC at /opt/liferay/data when using Google Cloud Storage, enhancing performance and optimizing resource utilization.
• API Volume Mounting Refactor for GCS: Refactored how volumes are mounted in the API to improve performance and scalability for GCS. This change ensures that volume management is more efficient and less prone to errors. 
• TimePicker Filter for Console Logs: Introduced a TimePicker filter to the console logs, allowing users to select specific time ranges for log viewing, enhancing the usability and functionality of log analysis.
  
•  Geolocation Headers in Cloud Load Balancing: Enabled Cloud Load Balancing to inject geolocation information into HTTP headers, improving location-based content delivery and service customization for clients.

BUG FIXES

• Elasticsearch Deployment Error with Uppercase Volumes: Fixed an issue where Elasticsearch deployments failed when the volume name contained uppercase characters, ensuring deployment consistency regardless of naming conventions.
• Duplicate Deployments Displayed During Build: Addressed a UI bug where the same deployment was displayed multiple times during the build process if the page was not refreshed, ensuring accurate and unique deployment records are shown.
• Memory Allocation Issue in Backup Service After Kubernetes Upgrade: Resolved a problem where the backup service node process was not allocated memory in proportion to the cgroup limit after upgrading Kubernetes nodes, ensuring appropriate resource allocation and system stability.
• Sensitive Information in Console Repository: Removed and secured sensitive information found in the console repository, enhancing security and protecting against potential data breaches.
• Project Deletion Failure Due to Cloud Storage Bucket Files: Fixed an issue where project deletions failed when trying to delete files from cloud storage buckets, improving the reliability of project cleanup operations.
• Incorrect Redirection from Build Logs Link: Corrected a navigation issue where the build logs link redirected users to the environments list page instead of displaying the logs, ensuring correct redirection and functionality.
• Security Improvement in VPN Containers: Replaced the securityContext: privileged setting in VPN containers with the NET_ADMIN capability to minimize permissions while maintaining necessary functionality, enhancing overall security.
• Ingress Deletion with Service Removal: Ensured that ingress is deleted when relevant services are deleted, preventing unnecessary IP reservation and improving resource management.
• Loop Issue in New Console Pages: Addressed an issue causing new console pages to enter a loop due to improperly validated supportedScopes, enhancing stability and user experience.
• Inconsistent Font Color in Console: Fixed an inconsistency in font color for 'Go to Logs' and 'Go to Metrics' buttons to match the design specifications, ensuring UI consistency across the console.
• Database Service Error Reporting: Improved the error reporting mechanism in the database service when updating instance types, ensuring that errors are properly communicated to users.
• Database Restore Race Condition: Resolved a race condition that could cause database restore operations to fail, enhancing the reliability of database services.
• CLI Redirect Validation Issue: Removed an erroneous redirect validation in the CLI that was causing unexpected behavior, streamlining CLI interactions.
• Metrics Page Accessibility for DR Environments: Fixed an issue preventing the metrics page from being viewable in Disaster Recovery environments, ensuring complete functionality.
• Misleading Redirect on Volumes List: Corrected a UI bug where clicking 'See X more volumes' incorrectly redirected users, now ensuring users remain on the intended page and can view additional volumes without disruption.
• Endpoint Count Mismatch in Console: Addressed a discrepancy between the endpoint count displayed on the endpoint pill and the count shown in the endpoint popover, ensuring accuracy in the console's UI.
• Build Data Missing in App Deployments: Fixed an issue where build data was not properly associated with app deployments due to a prefix mismatch between service IDs in builds and deployments. This fix ensures that deployment listings correctly include associated build information.
• Service Group Migration Issue: Addressed a failure in the migration process for service groups, ensuring that existing apps are correctly migrated without disruption.
• UI Enhancement for Search Logs: Addressed a missing drop shadow issue in the Search Logs, improving the visual distinction and user interface aesthetics.
• Error Reporting Enhancements in Database Service: Improved the reliability of error reporting mechanisms in the database service, particularly when updating instance types, to ensure errors are accurately captured and reported.
• Security Patch for Liferay Console: Resolved a critical vulnerability related to busybox in the liferay-console, enhancing the security and stability of the system.
• Console Loop Due to Unsupported Scopes: Fixed an issue where new console pages were stuck in a loop due to unsupported scopes not being validated. This fix involves adding necessary validations for supported roles, enhancing reliability and user experience.
• UI Consistency in Log and Metric Access Buttons: Corrected the font color inconsistency in the 'Go to Logs' and 'Go to Metrics' buttons across different console versions to match the light gray specified in the design mockups, ensuring UI consistency and clarity.
• Race Condition in Database Restore Operations: Addressed a race condition that could cause database restore operations to fail, improving the robustness and reliability of our database services by ensuring proper synchronization during restores.
• Webserver Configuration Fix: Corrected the default webserver configuration for set_real_ip_from to ensure it uses a valid IP range, enhancing security and reliability of IP handling in webserver setups.
• Project Route Update Fix: Resolved an issue where gcpDiskSize was incorrectly cast to an integer in project route configurations, maintaining data accuracy and preventing configuration errors during project setups.
• Autoscaling Report Logic Correction: Fixed the logic in autoscaling reports to accurately handle scale events that intersect period boundaries, ensuring that scaling activities are correctly recorded and reported, improving the accuracy of autoscaling metrics.
• Backups List Pagination Fix: Fixed a bug where the pagination link did not function on the Backups list page, restoring full navigational functionality and improving the user experience in managing backups.

TASKS

• Security Update for Open Redirect Vulnerability: Patched an open redirect vulnerability in the LiferayCloud/API to enhance security and prevent misuse of the lcIntendedUrl parameter.
• Security Updates for Liferay Console Docker Image: Addressed multiple vulnerabilities in the Docker image of the liferay-console version 6.27.1/master, securing the environment against potential security threats.
• Open Redirect Vulnerability Fix in LiferayCloud/API: Patched an open redirect vulnerability in LiferayCloud/API to enhance security and prevent potential misuse of the lcIntendedUrl parameter.
• MongoDB Sanitizer Text Package Update: Updated the MongoDB sanitizer to address a vulnerability in the text package, enhancing security by moving to a version that resolves CVE-2022-32149. This change ensures the safety and integrity of text processing within our services. 
• MongoDB Sanitizer Busybox Security Update: Fixed a critical security issue by updating the busybox package in the MongoDB sanitizer to version 1.4.2, addressing CVE-2022-48174. This update helps to maintain the security standards of our Docker environments. 
• Crypto-JS Library Vulnerability Fix: Upgraded the crypto-js library used in the console from version 3.1.9-1 to 4.2.0 to mitigate known vulnerabilities, specifically addressing CVE-2023-46233. This upgrade ensures that our cryptographic practices remain secure and up to date.
• Curl Vulnerability Mitigation for Nginx Image: Addressed the Curl vulnerability (CVE-2023-38545) found in the nginx image of the Liferay Cloud stack, implementing necessary patches to secure the environment against potential security threats.
•  Curl Vulnerability Mitigation for Database Image: Addressed the Curl vulnerability (CVE-2023-38545) found in the database image of the Liferay Cloud stack, securing database services by patching the affected Curl instances.
• Mitigation of Curl Vulnerability in Backup Image: Addressed the Curl vulnerability (CVE-2023-38545) found in the backup image of the Liferay Cloud stack, enhancing security measures and protecting against potential exploits.